Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-12-19 | CVE-2022-40607 | Path Traversal vulnerability in IBM Spectrum Scale IBM Spectrum Scale 5.1 could allow users with permissions to create pod, persistent volume and persistent volume claim to access files and directories outside of the volume, including on the host filesystem. | 6.8 |
| 2022-12-19 | CVE-2022-41418 | Path Traversal vulnerability in Blogengine Blogengine.Net 3.3.8.0 An issue in the component BlogEngine/BlogEngine.NET/AppCode/Api/UploadController.cs of BlogEngine.NET v3.3.8.0 allows attackers to execute arbitrary code via uploading a crafted PNG file. | 7.2 |
| 2022-12-19 | CVE-2022-4063 | Path Traversal vulnerability in Pluginus Inpost Gallery 2.1.4.1 The InPost Gallery WordPress plugin before 2.1.4.1 insecurely uses PHP's extract() function when rendering HTML views, allowing attackers to force the inclusion of malicious files & URLs, which may enable them to run code on servers. | 9.8 |
| 2022-12-17 | CVE-2022-23531 | Path Traversal vulnerability in Datadoghq Guarddog GuardDog is a CLI tool to identify malicious PyPI packages. | 7.8 |
| 2022-12-16 | CVE-2022-20505 | Path Traversal vulnerability in Google Android 13.0 In openFile of CallLogProvider.java, there is a possible permission bypass due to a path traversal error. | 6.7 |
| 2022-12-16 | CVE-2022-46137 | Path Traversal vulnerability in Aerocms Project Aerocms 0.0.1 AeroCMS v0.0.1 is vulnerable to Directory Traversal. | 7.5 |
| 2022-12-15 | CVE-2022-45969 | Path Traversal vulnerability in Alist Project Alist 3.4.0 Alist v3.4.0 is vulnerable to Directory Traversal, | 9.8 |
| 2022-12-15 | CVE-2022-4511 | Path Traversal vulnerability in Docsys Project Docsys A vulnerability has been found in RainyGao DocSys and classified as critical. | 7.5 |
| 2022-12-15 | CVE-2020-24855 | Path Traversal vulnerability in Easyjs Easywebpack-Cli Directory Traversal vulnerability in easywebpack-cli before 4.5.2 allows attackers to obtain sensitive information via crafted GET request. | 5.3 |
| 2022-12-14 | CVE-2022-31703 | Path Traversal vulnerability in VMWare Vrealize LOG Insight The vRealize Log Insight contains a Directory Traversal Vulnerability. | 7.5 |